Kaseya Community

The new REST API in VSA R9.3

  • I think the information above in this thread is exactly what you're looking for. Have you read through these comments?

    Patty has a post on June 2 that has a link to the internal Kaseya-provided javascript routines that generate hashes. I have a post on June 16 that describes in detail the steps for obtaining a token without using the javascript hash functions (using cURL, nonetheless).

    Is there something in particular that you are stuck on?


  • Thank you for your reply Nate.

    I'm looking for a PHP example/snippet on how to use curl in php to auth against Kaseya. A "template" if you will, where i can replace the URL, username, password and the random number and get a successfull return.

    The old API was very well documented and has an asp testclient (http://<your-KServer>/vsaWS/TestClient/TestClient.asp) that holds the elements of what and how to do, something similar for the new API would be awsome!

    *Edit* As reply to your question... i'm stuck at figuring out a way to hash the request in php. I will eventually get there (hopefully), just finding it a bit frustrating having to reinvent the wheel. It's great that Kaseya made a C++ example of a client, making a few more in other comon languages would save many a lot of time, as proven by this thread.

    [edited by: Erik Ribbhammar at 12:12 PM (GMT -7) on Oct 6, 2016]
  • To whomever is interested, i've created a Kaseya rest api GUI with source code here:



  • HI all

    Detailed instructions on how to build the payload for the Auth header at at help.kaseya.com/.../9030000 for 9.3 and help.kaseya.com/.../9040000 for 9.4. There is no difference between the two but I've linked them since they're separate pages.

  • Hello, can you point me out where I am doing the mistake, for that I can't make API call

    $Random = 101; //later it will be random int

     $username = 'myusername';

     $password = 'mypassword';

     $RawSHA256Hash = hash('sha256', $password);

     $CoveredSHA256HashTemp = hash('sha256',$password.$username);

     $CoveredSHA256Hash = hash('sha256',$CoveredSHA256HashTemp.$Random);

     $RawSHA1Hash = sha1($password);

     $CoveredSHA1HashTemp = sha1($password.$username);

     $CoveredSHA1Hash = sha1($CoveredSHA1HashTemp.$Random);

     $string = "user=$username,pass2=$CoveredSHA256Hash,pass1=$CoveredSHA1Hash,rand2=$Random,rpass2=$RawSHA256Hash,rpass1=$RawSHA1Hash";

    $header = base64_encode($string); //this header not working in Basic Authentication

    Thanks in advance

  • Dont have time to beautify this into a working example as the code is about 700 lines of various other proprietary stuff and I'll forget later if I dont post it now. I had to cut out a bunch of stuff in the code I have but hopefully this helps you out a bit.

    My biggest issue was I needed to add .toLower() when calculating the hash in powershell

    function Calculate-KaseyaHash([String]$hashstring, [String]$hashencryption) {

    $SHA1hasher = new-object System.Security.Cryptography.SHA1Managed

    $SHA256hasher = new-object System.Security.Cryptography.SHA256Managed

    Remove-Variable hashByteArray -ErrorAction SilentlyContinue

    switch ($hashencryption) {

    "SHA1" {

    $hashByteArray = $SHA1hasher.ComputeHash([System.Text.Encoding]::ASCII.GetBytes($hashstring))


    "SHA256" {

    $hashByteArray = $SHA256hasher.ComputeHash([System.Text.Encoding]::ASCII.GetBytes($hashstring))


    default {

    Write-Host "ERROR: Bad hashencryption string passed to Calculate-Kaseya-Hash. Verify SHA1 or SHA256 was entered"




    foreach ($byte in $hashByteArray) {

    $kstring += $byte.ToString("X2")


    return $kstring.toLower()



    function dostuff($username,$password,$2fatoken){

    $randomNumber = Get-Random -Minimum 10000000 -Maximum 99999999

    $RawSHA256Hash = Calculate-KaseyaHash $password "SHA256"

    $CoveredSHA256Hash = Calculate-KaseyaHash "$password$username" "SHA256"

    $CoveredSHA256Hash = Calculate-KaseyaHash "$CoveredSHA256Hash$randomNumber" "SHA256"

    $RawSHA1Hash = Calculate-KaseyaHash $password "SHA1"

    $CoveredSHA1Hash = Calculate-KaseyaHash "$password$username" "SHA1"

    $coveredSHA1Hash = Calculate-KaseyaHash "CoveredSHA1Hash$randomNumber" "SHA1"

    return 'user=' + $username + ',pass2=' + $CoveredSHA256Hash + ',pass1=' + $CoveredSHA1Hash + ',rpass2=' + $RawSHA256Hash + ',rpass1=' + $RawSHA1Hash + ',rand2=' + $randomNumber + ',twofapass=' + $2fatoken


    #------------ cut out of another function

    $hash = Create-KaseyaHash -username $kusername -password $kpassword -authattempt $authiteration

    $base64string = [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($hash))

    $basicAuth = "Basic $base64string"

    $uri = "" # YOUR URI here

    $Headers = @{

    Authorization = $basicAuth


    $results = Invoke-RestMethod -Uri ($uri + '/auth') -Headers $Headers -Method GET


    [edited by: mikeelindsay at 9:42 AM (GMT -7) on Sep 13, 2017]